Date: Sat, 11 Apr 2026 18:18:27 +0000 From: Vladimir Druzenko <vvd@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: d848ed23c8de - main - net/keycloak: Fix runtime for Java 25+, improve port Message-ID: <69da9073.37c7f.3ea1126a@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by vvd: URL: https://cgit.FreeBSD.org/ports/commit/?id=d848ed23c8dedc71a10834bd17465153e79d22ec commit d848ed23c8dedc71a10834bd17465153e79d22ec Author: Vladimir Druzenko <vvd@FreeBSD.org> AuthorDate: 2026-04-11 17:49:22 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2026-04-11 17:49:22 +0000 net/keycloak: Fix runtime for Java 25+, improve port Add to JAVA_ADD_OPENS in kc.sh for run with Java 25+: --add-opens=java.base/java.lang=ALL-UNNAMED --enable-native-access=ALL-UNNAMED The patch was obtained from here: https://github.com/keycloak/keycloak/pull/45872/files#diff-28d941fe33e0f8217892e8096ba7152ba9ade67e3b2c3f0ce31a333d90cc339d For more information read: https://github.com/keycloak/keycloak/issues/43265 https://github.com/keycloak/keycloak/pull/45872 Improve port: - Parametrize "keycloak" with "${PORTNAME}" in USE_RC_SUBR. - Replace "RM *.bat" with "EXTRACT_AFTER_ARGS=--exclude *.bat". - Remove unnecessary "+" in "SUB_FILES+=" and "SUB_LIST+=". - Use declared "KEYCLOAK_GROUP" instead of "USERS" in "GROUPS" assignment. - Use "RLN" instad of "LN -sf". - Move the creation of "*.sample" configuration files from "post-patch" to "do-install". - Improve alignment in comments rc script. - Respect "%%USER%%" and "%%GROUP%%" in rc script. - Replace "export JAVA_HOME=…" with "${name}_env=JAVA_HOME=…" in rc script. PR: 294235 Approved by: Matthias Wolf <freebsd@rheinwolf.de> (maintainer) Sponsored by: UNIS Labs MFH: 2026Q2 --- net/keycloak/Makefile | 27 +++++++++++++-------------- net/keycloak/files/keycloak.in | 31 +++++++++++++++++-------------- net/keycloak/files/patch-bin_kc.sh | 11 +++++++++++ 3 files changed, 41 insertions(+), 28 deletions(-) diff --git a/net/keycloak/Makefile b/net/keycloak/Makefile index 38e1a169195d..580df24307a8 100644 --- a/net/keycloak/Makefile +++ b/net/keycloak/Makefile @@ -1,5 +1,6 @@ PORTNAME= keycloak DISTVERSION= 26.5.7 +PORTREVISION= 1 CATEGORIES= net java MASTER_SITES= https://github.com/${PORTNAME}/${PORTNAME}/releases/download/${DISTVERSION}/ @@ -16,12 +17,15 @@ JAVA_VERSION= 21+ JAVA_OS= native JAVA_VENDOR= openjdk -USE_RC_SUBR= keycloak +USE_RC_SUBR= ${PORTNAME} SHEBANG_FILES= bin/kc.sh \ bin/kcadm.sh \ bin/kcreg.sh +EXTRACT_AFTER_ARGS= --exclude '*.bat' \ + --no-same-owner --no-same-permissions + VAR_DIR?= /var LOG_DIR?= ${VAR_DIR}/log/${PORTNAME} RUN_DIR?= ${VAR_DIR}/run/${PORTNAME} @@ -29,8 +33,8 @@ RUN_DIR?= ${VAR_DIR}/run/${PORTNAME} NO_ARCH= yes NO_BUILD= yes -SUB_FILES+= pkg-message -SUB_LIST+= JAVA=${JAVA} \ +SUB_FILES= pkg-message +SUB_LIST= JAVA=${JAVA} \ JAVA_HOME=${JAVA_HOME} \ LOG_DIR=${LOG_DIR} \ PORTNAME=${PORTNAME} \ @@ -41,7 +45,7 @@ SUB_LIST+= JAVA=${JAVA} \ KEYCLOAK_USER= ${PORTNAME} KEYCLOAK_GROUP= ${PORTNAME} USERS= ${KEYCLOAK_USER} -GROUPS= ${USERS} +GROUPS= ${KEYCLOAK_GROUP} PLIST_SUB= VERSION=${DISTVERSION} \ USER=${KEYCLOAK_USER} \ @@ -53,14 +57,6 @@ CONFIG_FILES= conf/cache-ispn.xml \ conf/keycloak.conf \ lib/quarkus/build-system.properties -post-patch: -.for f in ${CONFIG_FILES} - ${MV} ${WRKSRC}/${f} ${WRKSRC}/${f}.sample -.endfor - ${RM} ${WRKSRC}/bin/kc.bat - ${RM} ${WRKSRC}/bin/kcadm.bat - ${RM} ${WRKSRC}/bin/kcreg.bat - do-install: ${MKDIR} ${STAGEDIR}${JAVASHAREDIR}/${PORTNAME}/bin \ ${STAGEDIR}${JAVASHAREDIR}/${PORTNAME}/data \ @@ -72,10 +68,13 @@ do-install: (cd ${WRKSRC}/bin && ${COPYTREE_SHARE} client ${STAGEDIR}${JAVASHAREDIR}/${PORTNAME}/bin) # Install jar files, configuration and everything else +.for f in ${CONFIG_FILES} + ${MV} ${WRKSRC}/${f} ${WRKSRC}/${f}.sample +.endfor (cd ${WRKSRC} && ${COPYTREE_SHARE} "conf lib providers themes" ${STAGEDIR}${JAVASHAREDIR}/${PORTNAME}) # Create links for kc* binaries - ${LN} -sf ../share/java/${PORTNAME}/bin/kcadm.sh ${STAGEDIR}${PREFIX}/bin/kcadm - ${LN} -sf ../share/java/${PORTNAME}/bin/kcreg.sh ${STAGEDIR}${PREFIX}/bin/kcreg + ${RLN} ${STAGEDIR}${JAVASHAREDIR}/${PORTNAME}/bin/kcadm.sh ${STAGEDIR}${PREFIX}/bin/kcadm + ${RLN} ${STAGEDIR}${JAVASHAREDIR}/${PORTNAME}/bin/kcreg.sh ${STAGEDIR}${PREFIX}/bin/kcreg .include <bsd.port.mk> diff --git a/net/keycloak/files/keycloak.in b/net/keycloak/files/keycloak.in index 80a6187ea7cf..9bad9fdd1ccb 100644 --- a/net/keycloak/files/keycloak.in +++ b/net/keycloak/files/keycloak.in @@ -9,12 +9,16 @@ # Add these following line to /etc/rc.conf.local or /etc/rc.conf # to enable this service: # -# %%PORTNAME%%_enable (bool): Set it to YES to enable keycloak on startup. -# Default: NO -# %%PORTNAME%%_user (string): User account to run with. -# Default: www -# %%PORTNAME%%_flags (string): Additional flags for the startup script. -# Default: start +# %%PORTNAME%%_enable (bool): Set it to YES to enable keycloak on startup. +# Default: NO +# %%PORTNAME%%_user (string): User account to run with. +# Default: %%USER%% +# %%PORTNAME%%_group (string): Group for %%LOG_DIR%% and %%RUN_DIR%%. +# Default: %%GROUP%% +# %%PORTNAME%%_flags (string): Additional flags for the startup script. +# Default: start +# %%PORTNAME%%_java_home (string): JAVA_HOME to run with. +# Default: %%JAVA_HOME%% # . /etc/rc.subr @@ -25,11 +29,12 @@ desc="Identity and access management solution" load_rc_config $name -: ${%%PORTNAME%%_enable:=NO} -: ${%%PORTNAME%%_user:=%%USER%%} -: ${%%PORTNAME%%_group:=%%GROUP%%} +: ${%%PORTNAME%%_enable:="NO"} +: ${%%PORTNAME%%_user:="%%USER%%"} +: ${%%PORTNAME%%_group:="%%GROUP%%"} : ${%%PORTNAME%%_flags="start"} : ${%%PORTNAME%%_java_home="%%JAVA_HOME%%"} +%%PORTNAME%%_env="${%%PORTNAME%%_env} JAVA_HOME=${%%PORTNAME%%_java_home}" pidfile=%%RUN_DIR%%/%%PORTNAME%%.pid command=/usr/sbin/daemon @@ -39,18 +44,16 @@ start_cmd="%%PORTNAME%%_start" stop_cmd="%%PORTNAME%%_stop" build_cmd="%%PORTNAME%%_build" -export JAVA_HOME=${%%PORTNAME%%_java_home} - %%PORTNAME%%_start() { if [ ! -d "%%LOG_DIR%%" ]; then - install -d -o ${%%PORTNAME%%_user} %%LOG_DIR%% + install -d -o ${%%PORTNAME%%_user} -g ${%%PORTNAME%%_group} %%LOG_DIR%% fi if [ ! -d "%%RUN_DIR%%" ]; then - install -d -o ${%%PORTNAME%%_user} %%RUN_DIR%% + install -d -o ${%%PORTNAME%%_user} -g ${%%PORTNAME%%_group} %%RUN_DIR%% fi - chown -R ${%%PORTNAME%%_user} %%LOG_DIR%% + chown -R ${%%PORTNAME%%_user}:${%%PORTNAME%%_group} %%LOG_DIR%% %%RUN_DIR%% echo "Starting %%PORTNAME%%." ${command} ${command_args} \ diff --git a/net/keycloak/files/patch-bin_kc.sh b/net/keycloak/files/patch-bin_kc.sh new file mode 100644 index 000000000000..ef9f8883e6d1 --- /dev/null +++ b/net/keycloak/files/patch-bin_kc.sh @@ -0,0 +1,11 @@ +--- bin/kc.sh.orig 2026-04-07 11:28:05 UTC ++++ bin/kc.sh +@@ -113,7 +113,7 @@ if [ -z "$JAVA_ADD_OPENS" ]; then + + # See also https://github.com/wildfly/wildfly-core/blob/7e5624cf92ebe4b64a4793a8c0b2a340c0d6d363/core-feature-pack/common/src/main/resources/content/bin/common.sh#L57-L60 + if [ -z "$JAVA_ADD_OPENS" ]; then +- JAVA_ADD_OPENS="--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.base/java.security=ALL-UNNAMED" ++ JAVA_ADD_OPENS="--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.base/java.security=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --enable-native-access=ALL-UNNAMED" + else + echo "JAVA_ADD_OPENS already set in environment; overriding default settings" + fihome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69da9073.37c7f.3ea1126a>